AWS DevOps & Developer Productivity Blog
Deploying a serverless application using AWS CDK
There are multiple ways to deploy API endpoints, such as this example, in which you could use an application running on Amazon EC2 to demonstrate how to integrate Amazon ElastiCache with Amazon DocumentDB (with MongoDB capability). While the approach in this example helps achieve great performance, and reliability through the elasticity and the ability to scale up or down the number of EC2 instances in order to accommodate the load on the application, there is still however some operational overhead you still have to manage the EC2 instances yourself. One way of addressing the operational overhead issue and related costs could be to transform the application into a serverless architecture.
The example in this blog post uses an application that provides a similar use case, using a serverless architecture showcasing some of the tools that are being leveraged by customers transitioning from lift-and-shift to building cloud-native applications. It uses Amazon API Gateway to provide the REST API endpoint connected to an AWS Lambda function to provide the business logic to read and write from an Amazon Aurora Serverless database. It also showcases the deployment of most of the infrastructure with the AWS Cloud Development Kit, known as the CDK. By moving your applications to cloud native architecture like the example showcased in this blog post, you will be able to realize a number of benefits including:
- Fast and clean deployment of your application thereby achieving fast time to market
- Reduce operational costs by serverless and managed services
Architecture Diagram
At the end of this blog, you have an AWS Cloud9 instance environment containing a CDK project which deploys an API Gateway and Lambda function. This Lambda function leverages a secret stored in your AWS Secrets Manager to read and write from your Aurora Serverless database through the data API, as shown in the following diagram.
This above architecture diagram showcases the resources to be deployed in your AWS Account
Through the blog post you will be creating the following resources:
- Deploy an Amazon Aurora Serverless database cluster
- Secure the cluster credentials in AWS Secrets Manager
- Create and populate your database in the AWS Console
- Deploy an AWS Cloud9 instance used as a development environment
- Initialize and configure an AWS Cloud Development Kit project including the definition of your Amazon API Gateway endpoint and AWS Lambda function
- Deploy an AWS CloudFormation template through the AWS Cloud Development Kit
Prerequisites
In order to deploy the CDK application, there are a few prerequisites that need to be met:
- Create an AWS account or use an existing account.
- Install Postman for testing purposes
Amazon Aurora serverless cluster creation
To begin, navigate to the AWS console to create a new Amazon RDS database.
- Select Create Database from the Amazon RDS service.
- Select Standard Create under Choose a database creation method.
- Select Serverless under Database features.
- Select Amazon Aurora as the engine type under Engine options.
- Enter db-blog for your DB Cluster Identifier.
- Expand the Additional Connectivity section and select the Data API option. This functionality enables you to access Aurora Serverless with web services-based applications. It also allows you to use the query editor feature for Aurora Serverless in order to run SQL queries against your database instance.
- Leave the default selection for everything else and choose Create Database.
Your database instance is created in a single availability zone (AZ), but an Aurora Serverless database cluster has a capability known as automatic multi-AZ failover, which enables Aurora to recreate the database instance in a different AZ should the current database instance or the AZ become unavailable. The storage volume for the cluster is spread across multiple AZs, since Aurora separates computation capacity and storage. This allows for data to remain available even if the database instance or the associated AZ is affected by an outage.
Securing database credentials with AWS Secrets Manager
After creating the database instance, the next step is to store your secrets for your database in AWS Secrets Manager.
- Navigate to AWS Secrets Manager, and select Store a New Secret.
- Leave the default selection (Credentials for RDS database) for the secret type. Enter your database username and password and then select the radio button for the database you created in the previous step (in this example, db-blog), as shown in the following screenshot.
- Choose Next.
- Enter a name and optionally a description. For the name, make sure to add the prefix rds-db-credentials/ as shown in the following screenshot.
- Choose Next and leave the default selection.
- Review your settings on the last page and choose Store to have your secrets created and stored in AWS Secrets Manager, which you can now use to connect to your database.
Creating and populating your Amazon Aurora Serverless database
After creating the DB cluster, create the database instance; create your tables and populate them; and finally, test a connection to ensure that you can query your database.
- Navigate to the Amazon RDS service from the AWS console, and select your db-blog database cluster.
- Select Query under Actions to open the Connect to database window as shown in the screenshot below . Enter your database connection details. You can copy your secret manager ARN from the Secrets Manager service and paste it into the corresponding field in the database connection window.
- To create the DB instance run the following SQL query:
CREATE DATABASE recordstore;
from the Query editor shown in the screenshot below:
- Before you can run the following commands, make sure you are using the Recordstore database you just created by running the command:
- Create a records table using the following command:
- Create a singers table using the following command:
- Add a record to your records table and a singer to your singers table.
You should see the following result:
Creating a Cloud9 instance
To create a Cloud9 instance:
- Navigate to the Cloud9 console and select Create Environment.
- Name your environment
AuroraServerlessBlog
. - Keep the default values under the Environment Settings.
Once your instance is launched, you see the screen shown in the following screenshot:
For the next section of this example, you mostly work on the command line of your Cloud9 terminal and on your file explorer.
Creating the CDK deployment
The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to model and provision your cloud application resources using familiar programming languages. If you would like to familiarize yourself the CDKWorkshop is a great place to start.
First, create a working directory called RecordsApp and initialize a CDK project from a template.
Run the following commands:
Now your instance should look like the example shown in the following screenshot:
You are mainly working in two directories:
- Resources
- Lib
Your initial set up is ready, and you can move into creating specific services and deploying them to your account.
Creating AWS resources using the CDK
- Follow these steps to create AWS resources using the CDK:
- Under the /lib folder, open the records_app-stack.ts
-
- Paste the following code with these changes:
- Replace the dbARN with the ARN of your AuroraServerless DB ARN from the previous steps.
- Paste the following code with these changes:
Replace the dbSecretARN with the ARN of your Secrets Manager secret ARN from the previous steps.
This snippet of code will instruct the AWS CDK to create the following resources:
- IAM role:
AuroraServerlessBlogLambdaRole
containing the following managed policies:- AmazonRDSDataFullAccess
- service-role/AWSLambdaBasicExecutionRole
- Lambda function: RecordsHandler, which has a Node.js 8.10 runtime and three environmental variables
- API Gateway: Records Service, which has the following characteristics:
- GET Method
- GET /
- { id } Resource
- GET method
- GET /{id}
- POST method
- POST /{id}
- GET method
- GET Method
- Create the Lambda code that is invoked from the API Gateway endpoint. Under the /resources directory, create a file called
records.js
and paste the following code in this file
Take a look at what this Lambda function is doing. You have two functions inside of your Lambda function. The first is the exported handler, which is defined as an asynchronous function. The second is a unique identifier function to generate four-digit random numbers you use as UIDs for your database records. In your handler function, you handle the following actions based on the event you get from API Gateway:
- Method GETwith empty path /:
- This calls the data API
executeStatement
method with the following SQL query:
- This calls the data API
- Method GET with a record name in the path /{recordName}:
- This calls the data API executeStatmentmethod with the following SQL query:
- Method POST with a payload in the body:
- This makes two calls to the data API
executeStatement
with the following SQL queries:
- This makes two calls to the data API
Now you have all the pieces you need to deploy your endpoint and Lambda function by running the following commands:
If you change the Lambda code or add aditional AWS resources to your CDK deployment, you can redeploy the application by running all four commands in a single line:
Testing with Postman
Once it’s done, you can test it using Postman:
GET = ‘RecordName’ in the path
- example:
- API-GATEWAY ENDPOINT/RecordName
POST = Payload in the body
- example:
{
"recordTitle" : "BlogTest",
"recordReleaseDate" : "2020-01-01",
"singerName" : "BlogSinger",
"singerNationality" : "AWS"
}
Clean up
To clean up the resources created by the CDK, run the following command in your Cloud9 instance:
To clean up the resources created manually, run the following commands:
Conclusion
This blog post demonstrated how to transform an application running on Amazon EC2 from a previous blog into serverless architecture by leveraging services such as Amazon API Gateway, Lambda, Cloud 9, AWS CDK, and Aurora Serverless. The benefit of serverless architecture is that it takes away the overhead of having to manage a server and helps reduce costs, as you only pay for the time in which your code executes.
This example used a record-store application written in Node.js that allows users to find their favorite singer’s record titles, as well as the dates when they were released. This example could be expanded, for instance, by adding a payment gateway and a shopping cart to allow users to shop and pay for their favorite records. You could then incorporate some machine learning into the application to predict user choice based on previous visits, purchases, or information provided through registration profiles.
About the Authors
Luis Lopez Soria is an AI/ML specialist solutions architect working with the AWS machine learning team. He works with AWS customers to help them with the adoption of Machine Learning on a large scale. He enjoys doing sports in addition to traveling around the world, exploring new foods and cultures.
Georges Leschener is a Partner Solutions Architect in the Global System Integrator (GSI) team at Amazon Web Services. He works with our GSIs partners to help migrate customers’ workloads to AWS cloud, design and architect innovative solutions on AWS by applying AWS recommended best practices.